[...]... also using quantum stochastics) of cryptology By no means do we claim completeness, only some introductions to certain topics can be given Important areas, such as for example secret sharing, multi-party systems, zero-knowledge, problems on information transmission channels, linear cryptanalysis, digital fingerprinting, visual cryptography (see, for example, de Bonis, de Santis (2001)), etc., had to Introduction. .. since then that number theory and algebra are of decisive importance in modern cryptology, both in cryptography and cryptanalysis, in contrast to the assertion of the English mathematician G Hardy (187 7-1 947) that by analyzing primes one “can not win wars”! Nowadays, not only (classical) algebra and number theory, but also many other fields of mathematics, such as highly advanced topics of algebra and... language in which the plaintext is written automatically leak through to the ciphertext, i.e (for long enough messages) frequent letters (or m-grams) in the ciphertext correspond to frequent letters (or m-grams) in the plaintext, and by some statistical analysis it is, in general, not too difficult to find the D Neuenschwander: Prob and Stat Methods in Cryptology, LNCS 3028, pp 9-1 5, 2004  Springer-Verlag... fact In the year 1586, the French diplomat Blaise de Vigen`re (152 3-1 596) found a polyalphabetic code that e 1 In all our subsequent text, the word “decipher” will mean the decoding of a ciphertext by its legitimate receiver, whereas “decrypt” will mean the breaking of the code by an adversary D Neuenschwander: Prob and Stat Methods in Cryptology, LNCS 3028, pp 1-7 , 2004  Springer-Verlag Berlin Heidelberg... determined solely by the arithmetic properties of b However, one finds that the extraction rate is 0 for Lebesgue-almost all biases b On the contrary, we speak about pseudo-random generators in the following In Chapter 5, we present some important examples (linear feedback shift registers (Section 5.1) and combinations thereof (Section 5.5), non-linear feedback shift registers (Section 5.4), shrinking and... (except in the short Section 2.6) Also the integrity/authenticity problem will only be addressed in Sections 2.1 (electronic RSA signature) and 6.2 (impersonation attack), and Chapter 12 (meet -in- the-middle attack) Apart from that, in this introductory text we will mainly be concerned with secret keeping In this chapter, we will present a classical cryptosystem, the so-called Vigen`re cipher, invented in. .. subsequent literature Another public-key algorithm, the Diffie-Hellman system, will be discussed in Chapter 8 Section 2.5 warns against careless hardware implementation, so that certain internal parameters (e.g., processing time) can be measured by the adversary, and advises on avoiding such attacks For further reading about the subject of “timing attacks”, we also refer to Schindler (2002a) In Section 2.6... described in the foregoing section becomes more and more difficult if the keyword becomes longer and longer and is ”random enough” If, as a keyword, one takes a random string of the same length as the plaintext itself, then the ciphertext becomes a random string, too, and thus the system is theoretically (or ”perfectly”) secret (or ”secure”) This system is called the One-Time Pad and was invented in 1917 by. .. mod.nB ) by y := xeB (mod.nB ) D Neuenschwander: Prob and Stat Methods in Cryptology, LNCS 3028, pp 1 7-3 5, 2004  Springer-Verlag Berlin Heidelberg 2004 (2.2) 18 2 RSA and Probabilistic Prime Number Tests and sends this to Bob Bob will make the decoding x = y dB (mod.nB ) (2.3) (which follows from (2.2) by (2.1) and Fermat’s Little Theorem) So the RSA system seems to ensure confidentiality The system can... of quantum computing Finally, a word about giving proper credits should be said: In cryptology, it is even more difficult than in other sciences to know to whom a certain result should really be attributed, since often methods that have been published later have already been developed (at least to a certain extent) before by cryptologists who were not allowed to publish their findings, especially Introduction . Cryptology An Introduction by Selected Topics 13 Author Daniel Neuenschwander Universities of Bern and Lausanne (Switzerland) and Swiss Ministry of Defense Section of Cryptology 3003 Bern, Switzerland E-mail:. Copyright Law. Springer-Verlag is a part of Springer Science+Business Media springeronline.com c  Springer-Verlag Berlin Heidelberg 2004 Printed in Germany Typesetting: Camera-ready by author, data. Weikum Max-Planck Institute of Computer Science, Saarbruecken, Germany 3 Berlin Heidelberg New York Hong Kong London Milan Paris Tokyo Daniel Neuenschwander Probabilistic and Statistical Methods in Cryptology An